In conventional home office settings, users typically rely on passwords to impose security over home electronics such as personal computers, network attached storage (NAS) boxes, and routers. That is, when a user wishes to access such a device, the user provides a user identifier (or name) and a password. If the user-provided password matches an expected password for that user identifier, the home electronics device provides the user with access. Otherwise, the device denies access.
In conventional large enterprise settings, users may rely on authentication tokens to impose security over critical assets such as online bank accounts, corporate virtual private networks (VPNs), hospital records, and so on. The authentication tokens (e.g., a dedicated hardware device, a specialized software application installed on a smart phone, etc.) are configured to output different one-time use passcodes (OTPs) over time (e.g., a different OTP every minute). When a user wishes to access a critical asset, the user provides a user identifier and a current OTP from the authentication token issued to that user (perhaps with additional authenticating information such as a personal identification number or PIN, answers to knowledge-based authentication questions, biometric data, etc.). If the current OTP matches an expected OTP (and if other non-time-sensitive information matches as well), the user is granted access to the critical asset. Otherwise, the user is denied access.